Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GRxucBybmnTb18QxrdQsw71GaNg.roa
File: GRxucBybmnTb18QxrdQsw71GaNg.roa (raw, json)
Hash identifier: Zg2sP1qR7AR8QFPZu/u5I1ZKszz70F4u6aKgEUhay6c=
Subject key identifier: 19:1C:6E:70:1C:9B:9A:74:DB:D7:C4:31:AD:D4:2C:C3:BD:46:68:D8
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0193E8F2669A58D1567DD87499002FE409AF
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GRxucBybmnTb18QxrdQsw71GaNg.roa
Signing time: Sat 21 Dec 2024 11:20:20 +0000
ROA not before: Sat 21 Dec 2024 11:20:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a09:6280:b::/48 maxlen: 48
2a10:4100::/32 maxlen: 32
2a12:a345::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e8:f2:66:9a:58:d1:56:7d:d8:74:99:00:2f:e4:09:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Dec 21 11:20:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191c6e701c9b9a74dbd7c431add42cc3bd4668d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:66:62:5a:19:19:a7:3f:dc:56:54:07:a3:a9:
6b:51:b6:0a:f8:f9:40:24:86:45:28:c1:b2:66:aa:
52:e6:95:e6:97:57:8c:04:34:e8:77:18:db:92:90:
a5:80:8b:e3:5a:6f:b4:fb:36:74:9a:e8:84:20:fc:
90:dc:2f:88:d1:63:da:c7:23:11:91:10:44:86:f7:
7b:74:7e:38:7c:3c:2b:ec:9a:3d:f8:8e:45:47:be:
75:00:fd:ea:0f:d3:8f:69:7f:5a:a5:03:65:dd:b5:
00:86:6d:c8:60:27:de:45:f9:52:cf:61:85:38:e8:
34:9b:0b:96:da:7f:50:cc:bd:ff:10:03:b9:a5:a9:
d7:d9:f8:93:3d:7e:01:d9:13:68:70:a6:b4:64:df:
82:28:4e:71:5d:ae:4a:3b:81:68:04:7a:a8:63:54:
98:f8:cc:da:bf:f7:67:c2:6f:9f:4e:b5:f7:49:96:
9a:ac:cb:14:13:d6:75:5b:3d:bd:be:74:93:7d:f5:
39:ff:4b:cb:7e:73:62:41:3a:cd:6e:73:4e:d9:77:
10:10:77:da:ce:88:7d:bd:2d:2b:07:db:24:a2:db:
b6:c4:7d:2b:32:68:12:c2:66:64:d1:f3:d6:17:76:
34:6e:b5:9f:8a:1c:fb:b0:1b:e4:31:46:52:32:d8:
e7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1C:6E:70:1C:9B:9A:74:DB:D7:C4:31:AD:D4:2C:C3:BD:46:68:D8
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GRxucBybmnTb18QxrdQsw71GaNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6280:b::/48
2a10:4100::/32
2a12:a345::/32
Signature Algorithm: sha256WithRSAEncryption
cc:3b:e2:f6:5a:2a:8c:4e:fb:de:8b:38:87:2c:23:0e:13:a9:
36:cf:07:5a:25:5c:07:56:7e:2a:30:93:10:e6:5a:ae:88:35:
e0:9b:4f:fb:4a:91:15:99:f1:fe:a4:c6:96:1d:e8:f4:f0:73:
d8:ec:30:37:be:bd:23:dd:c6:91:03:72:3a:b1:b9:1d:06:c5:
22:76:aa:70:8d:fc:bb:f2:cd:7c:6e:56:fd:e5:cb:01:d0:9b:
82:2f:dd:e5:4a:a1:bf:3f:19:e3:d1:1a:08:bd:b6:0b:7e:c6:
87:09:c1:55:32:1f:30:51:f2:cf:f3:62:4b:d2:9f:64:9d:1c:
32:87:8b:ac:e1:31:04:a9:e0:0a:65:c2:4c:9d:ae:f1:fa:8b:
3d:f1:ce:5e:b6:0b:df:67:19:3a:4a:c7:a1:2f:b7:5e:97:ca:
86:2a:44:5b:99:c4:4b:83:f5:61:58:3f:ed:51:48:7d:bf:7a:
fa:c1:61:fc:08:16:32:80:24:0d:95:ce:0b:51:90:c1:8c:cc:
76:6c:2d:9f:b9:f6:9e:53:8d:79:18:3b:b6:63:8a:54:7b:b8:
21:1a:68:4a:db:07:8b:0b:10:02:f2:f3:a3:19:36:aa:87:39:
b1:cf:01:19:88:88:c0:f3:58:3a:cb:e4:d2:00:4e:34:8a:5b:
be:a2:24:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZPo8maaWNFWfdh0mQAv5AmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMjIxMTEyMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFjNmU3MDFjOWI5YTc0ZGJkN2M0MzFhZGQ0MmNjM2JkNDY2OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2ZiWhkZpz/cVlQHo6lrUbYK+PlA
JIZFKMGyZqpS5pXml1eMBDTodxjbkpClgIvjWm+0+zZ0muiEIPyQ3C+I0WPaxyMR
kRBEhvd7dH44fDwr7Jo9+I5FR751AP3qD9OPaX9apQNl3bUAhm3IYCfeRflSz2GF
OOg0mwuW2n9QzL3/EAO5panX2fiTPX4B2RNocKa0ZN+CKE5xXa5KO4FoBHqoY1SY
+Mzav/dnwm+fTrX3SZaarMsUE9Z1Wz29vnSTffU5/0vLfnNiQTrNbnNO2XcQEHfa
zoh9vS0rB9skotu2xH0rMmgSwmZk0fPWF3Y0brWfihz7sBvkMUZSMtjnjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBkcbnAcm5p029fEMa3ULMO9RmjYMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvR1J4dWNCeWJtblRiMThReHJkUXN3NzFHYU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAKgligAAL
AwUAKhBBAAMFACoSo0UwDQYJKoZIhvcNAQELBQADggEBAMw74vZaKoxO+96LOIcs
Iw4TqTbPB1olXAdWfiowkxDmWq6INeCbT/tKkRWZ8f6kxpYd6PTwc9jsMDe+vSPd
xpEDcjqxuR0GxSJ2qnCN/LvyzXxuVv3lywHQm4Iv3eVKob8/GePRGgi9tgt+xocJ
wVUyHzBR8s/zYkvSn2SdHDKHi6zhMQSp4AplwkydrvH6iz3xzl62C99nGTpKx6Ev
t16XyoYqRFuZxEuD9WFYP+1RSH2/evrBYfwIFjKAJA2VzgtRkMGMzHZsLZ+59p5T
jXkYO7ZjilR7uCEaaErbB4sLEALy86MZNqqHObHPARmIiMDzWDrL5NIATjSKW76i
JHg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:14 2025 by rpki-client